aboutsummaryrefslogtreecommitdiffstats
path: root/testing/tests/tnc
Commit message (Collapse)AuthorAgeFilesLines
* testing: Include IKE port information in evaltestsAndreas Steffen2016-03-0519-68/+68
|
* testing: Some minor fixes in test scenariosAndreas Steffen2016-02-281-0/+2
|
* Fix of the mutual TNC measurement use caseAndreas Steffen2016-02-1615-8/+214
| | | | | | | | | | | | | | | | | If the IKEv2 initiator acting as a TNC server receives invalid TNC measurements from the IKEv2 responder acting as a TNC clienti, the exchange of PB-TNC batches is continued until the IKEv2 responder acting as a TNC server has also finished its TNC measurements. In the past if these measurements in the other direction were correct the IKEv2 responder acting as EAP server declared the IKEv2 EAP authentication successful and the IPsec connection was established even though the TNC measurement verification on the EAP peer side failed. The fix adds an "allow" group membership on each endpoint if the corresponding TNC measurements of the peer are successful. By requiring a "allow" group membership in the IKEv2 connection definition the IPsec connection succeeds only if the TNC measurements on both sides are valid.
* testing: Converted tnc scenarios to swanctlAndreas Steffen2015-12-11386-2383/+5091
|
* testing: Fixed some more timing issuesAndreas Steffen2015-11-101-0/+1
|
* testing: Reduce runtime of all tests that use SQLite databases by storing ↵Tobias Brunner2015-11-0930-66/+38
| | | | them in ramfs
* testing: tnc/tnccs-20-hcd-eap scenario does not use SWID IMV/strongTNCTobias Brunner2015-11-094-114/+1
|
* testing: Improve runtime of TNC tests by storing the SQLite DB in ramfsTobias Brunner2015-11-0914-9/+30
| | | | This saves about 50%-70% of the time needed for scenarios that use a DB.
* testing: Avoid delays with ping by using -W and -i optionsTobias Brunner2015-11-0917-32/+32
| | | | | | With -W we reduce timeouts when we don't expect a response. With -i the interval between pings is reduced (mostly in case of auto=route where the first ping yields no reply).
* testing: Remove nearly all sleep calls from pretest and posttest scriptsTobias Brunner2015-11-0923-51/+53
| | | | | By consistently using the `expect-connection` helper we can avoid pretty much all previously needed calls to sleep.
* testing: Adapt tests to retransmission settings and reduce DPD delay/timeoutTobias Brunner2015-11-097-1/+15
|
* Extend HCD attribute data for tnc/tnccs-20-hcd-eap scenarioAndreas Steffen2015-08-182-16/+45
|
* Added reason string support to HCD IMVAndreas Steffen2015-08-181-7/+10
|
* Fixed patches format delimited by CR/LFAndreas Steffen2015-08-184-50/+50
|
* testing: Added tnc/tnccs-20-hcd-eap scenarioAndreas Steffen2015-08-1824-0/+674
|
* testing: Updated expired AAA server certificateAndreas Steffen2015-08-044-84/+84
|
* testing: Fix URL to TNC@FHH project in scenario descriptionsTobias Brunner2015-05-056-8/+8
|
* imv_policy_manager: Added capability to execute an allow or block shell ↵Andreas Steffen2015-04-267-2/+24
| | | | command string
* Added tnc/tnccs-20-fail-init and tnc/tnccs-20-fail-resp scenariosAndreas Steffen2015-03-2730-0/+404
|
* Added tnc/tnccs-20-pt-tls scenarioAndreas Steffen2015-03-2724-5/+114
|
* testing: added tnc/tnccs-20-mutual scenarioAndreas Steffen2015-03-2311-0/+151
|
* testing: Update test conditions because signature schemes are now loggedTobias Brunner2015-03-044-8/+8
| | | | | RFC 7427 signature authentication is now used between strongSwan hosts by default, which causes the actual signature schemes to get logged.
* testing: Lower batch size to demonstrated segmetation of TCG/SWID Tag ID ↵5.2.1rc1Andreas Steffen2014-10-111-2/+2
| | | | Inventory attribute
* testing: Don't check for the actual number of SWID tags in PDP scenariosTobias Brunner2014-10-072-8/+8
| | | | | The number of SWID tags varies depending on the base image, but lets assume the number is in the hundreds.
* testing: Make TNC scenarios agnostic to the actual Debian versionTobias Brunner2014-10-0718-45/+52
| | | | | The scenarios will work with new or old base images as long as the version in use is included as product in the master data (src/libimcv/imv/data.sql).
* configure: Load fetcher plugins after crypto base pluginsMartin Willi2014-09-2456-60/+57
| | | | | | | | | | Some fetcher plugins (such as curl) might build upon OpenSSL to implement HTTPS fetching. As we set (and can't unset) threading callbacks in our openssl plugin, we must ensure that OpenSSL functions don't get called after openssl plugin unloading. We achieve that by loading curl and all other fetcher plugins after the base crypto plugins, including openssl.
* Updated description of TNC scenarios concerning RFC 7171 PT-EAP supportAndreas Steffen2014-06-266-24/+30
|
* Removed django.db from swid scenariosAndreas Steffen2014-06-262-0/+0
|
* Updated strongTNC configurationAndreas Steffen2014-06-116-8/+14
|
* Test SWID REST API ins tnc/tnccs-20-pdp scenariosAndreas Steffen2014-05-3121-69/+161
|
* Migration from Debian 7.4 to 7.5Andreas Steffen2014-05-3111-18/+18
|
* Minor changes in the test environment5.2.0dr4Andreas Steffen2014-05-152-0/+10
|
* Implemented PT-EAP protocol (RFC 7171)Andreas Steffen2014-05-1246-156/+163
|
* Handle tag separatorsAndreas Steffen2014-04-151-1/+1
|
* Updated SWID scenariosAndreas Steffen2014-04-156-4/+18
|
* Implemented segmented SWID tag attributes on IMV sideAndreas Steffen2014-04-1554-36/+101
|
* Use python-based swidGenerator to generated SWID tagsAndreas Steffen2014-04-1513-17/+25
|
* Make Attestation IMV independent of OS IMVAndreas Steffen2014-04-1521-11/+310
|
* Fixed pretest script in tnc/tnccs-20-pt-tls scenarioAndreas Steffen2014-04-041-1/+1
|
* Merged libstrongswan options into charon sectionAndreas Steffen2014-03-153-32/+9
|
* Disable mandatory ECP support for attestionAndreas Steffen2014-03-0718-0/+312
|
* testing: Use installed PTS SQL schema and data instead of local copyTobias Brunner2014-02-124-8/+8
|
* Updated and split data.sqlAndreas Steffen2013-10-2316-4491/+174
|
* Added swid_directory optionAndreas Steffen2013-10-111-0/+3
|
* Added tnc/tnccs-11-supplicant scenarioAndreas Steffen2013-10-1129-0/+1489
|
* Implemented TCG/PB-PDP_Referral messageAndreas Steffen2013-09-171-0/+2
|
* Added tags table and some tag samplesAndreas Steffen2013-09-051-1/+81
|
* Added regids table and some sample reqid dataAndreas Steffen2013-09-021-0/+49
|
* Pull dave for OS infoAndreas Steffen2013-09-021-1/+1
|
* Cleaned configuration files in PT-TLS client scenarioAndreas Steffen2013-08-2211-127/+13
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-07 11:00:51 +0000